Omnilogin Privacy Policy
This Privacy Policy explains how Omnilogin collects, uses, shares, and protects your personal data when you use our antidetect browser and workflow automation platform. We are committed to transparency and compliance with applicable data protection laws. Last updated: March 31, 2026
1. Introduction & Scope
This Privacy Policy applies to all Users of the Omnilogin Service, including the desktop application, web dashboard, API, and any related services accessible at omnilogin.net and docs.omnilogin.net.
Omnilogin is committed to protecting your personal data in compliance with Vietnamese Decree 13/2023/ND-CP on Personal Data Protection (PDPD), the Law on Cybersecurity 2018 (No. 24/2018/QH14), and where applicable, the principles of the EU General Data Protection Regulation (GDPR). By using the Service, you acknowledge that you have read and understood this Privacy Policy.
This policy covers personal data collected from: registered Users, website visitors, trial users, users of our free tier, paid subscribers, and anyone who communicates with us through support channels or social media.
2. Data Controller Information
The data controller responsible for processing your personal data is:
Company: Omnilogin
Registered Legal Entity: CÔNG TY TNHH HIVESOFT
Registered Address: Tầng 6, tòa nhà MD Complex, số 68 Nguyễn Cơ Thạch, Phường Từ Liêm, Thành phố Hà Nội, Việt Nam
Data Protection Contact: privacy@omnilogin.net
General Support: admin@omnilogin.net
Pursuant to Article 28 of Decree 13/2023/ND-CP, Omnilogin acts as the Data Controller for personal data collected through the Service. For inquiries regarding your personal data rights, please contact our Data Protection Contact at the email above.
3. Data We Collect
We collect the following categories of personal data to provide and improve the Service:
Account Data
Information you provide during registration and Account management: email address, password (stored as a cryptographic hash only), first and last name (optional), company name (optional), and business contact details (optional).
Usage Data
Information about how you interact with the Service: login timestamps, feature usage patterns, browser profile creation/deletion activity, Subscription plan changes, and general usage statistics. This data is aggregated and anonymized wherever possible.
Device Data
Technical information about your device: operating system type and version, device identifier (anonymized), screen resolution, language settings, and application version. This data is used solely for compatibility optimization and troubleshooting.
Payment Data
Transaction records including Subscription plan selected, payment dates, amounts, and payment method type. Important: Credit card numbers, bank account details, and other sensitive financial information are processed exclusively by our third-party payment processors and are never stored on Omnilogin servers.
Support Data
Information you provide when contacting our support team: communication content, attachments (such as screenshots), and any diagnostic data voluntarily shared for troubleshooting purposes.
Data We Do NOT Collect
Omnilogin is designed with privacy-first principles. We do not collect or access: your browsing history within browser profiles, cookies stored in browser profiles, passwords saved in browser profiles, content of websites you visit, or proxy credentials you configure. All session data within browser profiles is stored locally on your device.
4. How We Collect Data
We collect personal data through the following methods:
Directly from You
When you create an Account, update your profile, purchase a Subscription, submit a support request, or communicate with us through any channel (email, Telegram, social media).
Automatically
Through cookies, server logs, and analytics tools when you visit our website or use the Software. This includes IP addresses (anonymized for analytics), access timestamps, pages viewed, referring URLs, and application event logs.
From Third Parties
In limited circumstances, we may receive data from: payment processors (transaction confirmation and fraud detection data), analytics providers (aggregated usage statistics), and social login providers (if you choose to authenticate via a third-party service such as Google).
5. Purpose of Processing
Pursuant to Article 3 of Decree 13/2023/ND-CP, we process your personal data for the following specific and lawful purposes:
Service Delivery: To create and manage your Account, provide access to features according to your Subscription plan, process payments, deliver software updates, and ensure the Service operates correctly.
Product Improvement: To analyze aggregated usage patterns, identify bugs and performance issues, develop new features, and enhance the overall user experience. This processing uses anonymized and aggregated data wherever possible.
Communication: To send transactional emails (invoices, receipts, security alerts, service notifications), respond to support inquiries, and with your consent, send product newsletters and promotional offers.
Security & Fraud Prevention: To detect and prevent unauthorized access, abuse, fraud, and other malicious activities; to enforce our Terms of Service; and to protect the security and integrity of the Service and its Users.
Legal Compliance: To comply with applicable legal obligations, respond to lawful requests from government authorities, and establish, exercise, or defend legal claims.
6. Legal Basis for Processing
In accordance with Decree 13/2023/ND-CP and GDPR principles, we process your personal data based on the following legal grounds:
Consent (Article 11, Decree 13/2023)
For marketing communications, newsletters, promotional emails, and non-essential cookies. You may withdraw your consent at any time (see Section 11: User Rights). Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Contract Performance
Processing necessary to perform our contract with you, including Account creation, Service delivery, Subscription management, payment processing, and customer support.
Legal Obligation
Processing required to comply with Vietnamese law, including tax record-keeping requirements, the Law on Cybersecurity 2018, and responding to lawful government requests.
Legitimate Interest
Processing necessary for our legitimate business interests, such as fraud prevention, Service security, product improvement through aggregated analytics, and enforcing our Terms of Service. We balance these interests against your rights and freedoms in each case.
7. Data Sharing
We do not sell your personal data. We may share your data only in the following limited circumstances:
Service Providers
We share data with trusted third-party service providers who assist in operating the Service, including cloud hosting providers, email delivery services, and analytics platforms. These providers are contractually bound to process your data only on our instructions and in accordance with this Privacy Policy.
Payment Processors
Payment data is shared with our payment processing partners solely for the purpose of processing transactions, preventing fraud, and complying with financial regulations. These processors are PCI-DSS compliant.
Legal Requirements
We may disclose your data when required by law, court order, or government request; to protect the rights, property, or safety of Omnilogin, our Users, or the public; or to detect, prevent, or address fraud, security issues, or technical problems. We will notify you of such disclosures unless prohibited by law.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity. We will provide notice before your data is transferred and becomes subject to a different privacy policy.
8. International Data Transfer
As a global service with Users in 10+ countries, your personal data may be transferred to and processed in countries other than Vietnam. We ensure that such transfers comply with Chapter IV of Decree 13/2023/ND-CP on cross-border transfer of personal data.
Specifically, we implement the following safeguards for international data transfers:
- •Impact Assessment: Conducting data transfer impact assessments as required by Article 25 of Decree 13/2023/ND-CP before transferring data to a third country
- •Contractual Safeguards: Entering into data processing agreements with all international service providers that include appropriate data protection obligations
- •Encryption: Ensuring data in transit is protected with industry-standard encryption (TLS 1.2 or higher)
- •Regulatory Filing: Filing cross-border data transfer documentation with the Ministry of Public Security as required by Vietnamese law
9. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law. Specific retention periods are as follows:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account Data | Duration of Account + 30 days | Service delivery & Account recovery |
| Usage Data | 24 months (anonymized) | Product improvement & analytics |
| Payment Records | 10 years | Vietnamese tax law compliance |
| Support Communications | 36 months | Service quality & dispute resolution |
| Server Logs | 90 days | Security monitoring & troubleshooting |
| Marketing Consent Records | Duration of consent + 36 months | Proof of consent compliance |
Upon expiration of the retention period, data is securely deleted or irreversibly anonymized. You may request earlier deletion by exercising your rights under Section 11.
10. Data Security
Omnilogin implements comprehensive technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:
Encryption
All data in transit is protected with TLS 1.2+ encryption. Sensitive data at rest is encrypted using AES-256. Your master password is stored only as a cryptographic hash (bcrypt) - we cannot access or recover your original password.
Access Control
Access to personal data is restricted to authorized employees on a strict need-to-know basis. We implement role-based access control (RBAC), multi-factor authentication for administrative access, and the principle of least privilege.
Audit & Monitoring
We maintain detailed audit logs of system access and data processing activities. Our infrastructure is continuously monitored for security threats, vulnerabilities, and unusual activity patterns.
Incident Response
We have an established data breach response procedure. In the event of a personal data breach, we will notify affected Users and the relevant authorities within 72 hours, as required by Decree 13/2023/ND-CP and GDPR where applicable.
Local Data Security
Browser profile session data (cookies, browsing history, saved passwords within profiles) is stored locally on your device and is encrypted with your master password. Even if Omnilogin servers were compromised, this local data remains protected. With a sufficiently strong master password, decrypting your local profile data is computationally infeasible.
11. Your Data Rights
Pursuant to Articles 9 and 10 of Decree 13/2023/ND-CP on Personal Data Protection, and in alignment with GDPR principles for our international Users, you have the following rights:
- 1.Right to Know: You have the right to know what personal data we collect, how it is processed, and for what purposes. This Privacy Policy fulfills this obligation.
- 2.Right to Consent: You have the right to consent or refuse consent to the processing of your personal data, except where processing is required by law.
- 3.Right of Access: You may request a copy of the personal data we hold about you. We will respond within 30 days of receiving your verified request.
- 4.Right to Rectification: You may request correction of inaccurate or incomplete personal data. You can update most Account data directly through your dashboard.
- 5.Right to Erasure: You may request deletion of your personal data, subject to legal retention requirements. Upon verified request, we will delete your data within 30 days, except where retention is legally required.
- 6.Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time by updating your email preferences, adjusting cookie settings, or contacting us at privacy@omnilogin.net.
- 7.Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.
- 8.Right to Data Portability: You may request your personal data in a structured, commonly used, and machine-readable format (e.g., JSON or CSV).
- 9.Right to Complain: You have the right to file a complaint with the competent authority (see Section 16) if you believe your data protection rights have been violated.
To exercise any of these rights, please contact our Data Protection Contact at privacy@omnilogin.net. We may require identity verification before processing your request. Requests will be processed free of charge within 30 days; if an extension is needed, we will inform you within the initial 30-day period.
12. Children's Privacy
Omnilogin does not knowingly collect or process personal data from children under 16 years of age, in accordance with Vietnamese law (Decree 13/2023/ND-CP classifies data of children under 16 as sensitive personal data requiring special protection) and GDPR requirements.
The Service is intended for Users aged 18 and above. If we become aware that we have inadvertently collected personal data from a child under 16, we will take immediate steps to delete such data from our systems.
If you are a parent or guardian and believe that your child has provided personal data to Omnilogin, please contact us at privacy@omnilogin.net, and we will promptly investigate and remove the data if confirmed.
13. Cookies & Tracking Technologies
Omnilogin uses cookies and similar tracking technologies on our website (omnilogin.net) and in our web dashboard. The following types of cookies are used:
Essential Cookies
Required for the website and web dashboard to function correctly. These include session cookies, authentication tokens, and security cookies. These cannot be disabled as they are necessary for the Service to operate.
Analytics Cookies
Used to understand how visitors interact with our website, which pages are most popular, and how Users navigate the site. Analytics data is aggregated and does not personally identify you. These cookies are set only with your consent.
Marketing Cookies
Used to deliver relevant advertisements and measure the effectiveness of marketing campaigns. These cookies may be set by our advertising partners and are only activated with your explicit consent.
Managing Cookies
You can control and manage cookies through the following methods:
- •Browser Settings: Most web browsers allow you to control cookies through their settings. You can block or delete cookies at any time.
- •Cookie Banner: When you first visit our website, you can select which categories of cookies to accept or reject through our cookie consent banner.
- •Opt-Out Links: For specific analytics and advertising services, you may use industry opt-out tools such as the Network Advertising Initiative opt-out page.
Note: Disabling essential cookies may prevent the website and web dashboard from functioning properly.
14. Third-Party Links
The Service and our website may contain links to third-party websites, services, or applications, including proxy service providers, documentation resources, and partner platforms.
This Privacy Policy applies only to Omnilogin. We do not control and are not responsible for the privacy practices or content of third-party websites. The inclusion of any link does not imply Omnilogin's endorsement of, or responsibility for, the linked site's data practices.
We strongly recommend reviewing the privacy policy and terms of service of any third-party website or service before providing your personal data to them.
15. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you through:
- •Email notification to the address associated with your Account
- •A prominent notice on our website for at least 30 days
- •In-app notification within the Omnilogin Software
- •Updating the "Last updated" date at the top of this page
We encourage you to review this Privacy Policy periodically. Your continued use of the Service after the updated Policy becomes effective constitutes your acceptance of the changes. If you disagree with any update, you should stop using the Service and may request deletion of your personal data.
16. Contact & Complaints
If you have questions about this Privacy Policy, wish to exercise your data rights, or need to file a complaint, you can reach us through the following channels:
Data Protection Contact: privacy@omnilogin.net
General Support: admin@omnilogin.net
Telegram Support: Omnilogin Support Chat
Telegram Community: @omnilogin
Registered Legal Entity: CÔNG TY TNHH HIVESOFT
Registered Address: Tầng 6, tòa nhà MD Complex, số 68 Nguyễn Cơ Thạch, Phường Từ Liêm, Thành phố Hà Nội, Việt Nam
Complaint Procedure
- Contact Us First: Submit your complaint to privacy@omnilogin.net with a detailed description of your concern. We will acknowledge receipt within 5 business days and aim to resolve the complaint within 30 days.
- Escalation: If you are not satisfied with our response, you may escalate the matter to our management team by requesting an escalation review in writing.
- Competent Authority: If the complaint remains unresolved, you have the right to file a complaint with the Ministry of Public Security of Vietnam (Department of Cybersecurity and High-Tech Crime Prevention) or the relevant data protection authority in your jurisdiction if applicable.
- For EU Users: If you are located in the European Economic Area, you may also file a complaint with your local Data Protection Authority under GDPR.